package com.zxy.controller;


import com.zxy.model.PoItem;
import com.zxy.model.PoItemQuery;
import com.zxy.model.PoMaster;
import com.zxy.model.PoMasterQuery;
import com.zxy.service.PoService;
import org.apache.ibatis.annotations.Param;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/api/po")
//restFul
public class PoController {

    @Autowired
    private PoService poService;


    @GetMapping//http://a.com?a=1&b=2  //http://a.com?id=1&name=张三
    public List<PoMaster>  select(PoMasterQuery query){

        return  poService.select(query);
    }
    @GetMapping("/item")
    public List<PoItem>  select(PoItemQuery query){
        return  poService.selectItem(query);
    }
    @PostMapping//通过 RequestBody 请求体 传过来的json数据 给我们自动转为Category 这个对象
    public Integer insert(@RequestBody PoMaster  poMaster){
        return poService.insert(poMaster);
    }


    //通过 RequestBody 请求体 传过来的json数据 给我们自动转为Category 这个对象
    @PutMapping("/manage")
    //@PreAuthorize("hasRole('admin') or hasRole('user')")
    @PreAuthorize("hasAnyRole('purchaser.manager','admin')")
    //@PostAuthorize("")
    //@PreAuthorize("hasRole('purchaser.manager') and hasRole('user')")
    //@Secured({ "admin", "purchaser.manager" })
    public Integer manage(@RequestBody PoMaster  poMaster){
        return poService.update(poMaster);
    }

    @PutMapping
    public Integer update(@RequestBody PoMaster  poMaster){
        return poService.update(poMaster);
    }

}
